Project Documentation

Client API Reference

Clients wishing to access an OA4MP server directly can do so using the supplied programming API. This document
outlines the steps needed and discusses how to accomplish this.

Accessing the Client API via Maven

The only supported method for including the client API in your project is via maven. This is supported by most every
IDE and works well from the command line too. Simply include the following dependency in your project pom:

The first generates a public/private keypair and certificate request. The OA4MPResponse object contains the URI to
which to redirect
the user and the generated private key. You must redirect the user to the given URI since this is
where s/he will authenticate with the MyProxy server.

Once the user has finished, the server does a callback to the uri you specify. It will contain parameters in the
request for the temp token and verifier. You must pass these to the method. The OA4MPService instance will then
complete the rest of the OAuth protocol and get the certificate. The AssetResponse contains the username,
i.e. the name the user used to authenticate and the X509 certificate itself.

A Basic Example

To use the service, you must create a ClientEnvironment object. This is certainly do-able manually,
but it is much better to use one of the ClientEnvironmentUtil's load methods. Here is an example.

"OAuth 2 extensions

For OAuth 2 support, there are two more API calls possible to support the specification. This
being Java you need to instantiate the class
edu.uiuc.ncsa.oa4mp.oauth2.client.OA2MPService
which extends the above OA4MPService class above. There are two additional calls

The Asset Store API

There are two other calls in the API that will tell the service to use the asset store. Note that these will
fail if there is no such store enabled. You must supply a unique identifier which is a URI. The associated
asset may then be recovered with this key. Typically this identifier
is stored in the user's browser as a cookie and retrieved on during the callback.

A simple example

At this point, the first exchange with the server is done and an asset with
the given id has been created in the store. After callback when you have the
accessToken and the verifier you can finish the exchange
and get the asset: